50630 matches found
Gitlab 14.9 Authentication Bypass
Exploit Title: Gitlab 14.9 - Authentication Bypass Date: 12/04/2022 Exploit Authors: Greenwolf & stacksmashing Vendor Homepage: https://about.gitlab.com/ Software Link: https://about.gitlab.com/install Version: GitLab CE/EE versions 14.7 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to...
Gitlab 14.9 Cross Site Scripting
Exploit Title: Gitlab Stored XSS Date: 12/04/2022 Exploit Authors: Greenwolf & stacksmashing Vendor Homepage: https://about.gitlab.com/ Software Link: https://about.gitlab.com/install Version: GitLab CE/EE versions 14.4 before 14.7.7, all versions starting from 14.8 before 14.8.5, all versions...
WordPress ScrollReveal.js Effects 1.1.1 Cross Site Scripting
Exploit Title: WordPress Plugin ScrollReveal.js Effects - Stored Cross Site Scripting Date: 25-04-2022 Exploit Author: Mariam Tariq - Hunt3rsherlock Vendor Homepage: https://wordpress.org/plugins/scrollrevealjs-effects/ Version: 1.1.1 Tested on: Firefox Contact me: [email protected]...
Joomla Sexy Polling 2.1.7 SQL Injection
SexyPolling SQL Injection ==================== | Identifier: | AIT-SA-20220208-01| | Target: | Sexy Polling Joomla Extension | | Vendor: | 2glux | | Version: | all versions below version 2.1.8 | | CVE: | Not yet | | Accessibility: | Remote | | Severity: | Critical | | Author: | Wolfgang Hotwagner...
Watch Queue Out-Of-Bounds Write
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Watch Queue Out of Bounds Write', 'Description' = %q This module exploits a vulnerability in the Linux Kernel's watchqueue event notification...
ManageEngine ADSelfService Plus Custom Script Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine ADSelfService Plus Custom Script Execution', 'Description' = %q This module exploits the "custom script" feature of ADSelfService...
USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 Remote Root Backdoor
!/usr/bin/env python3 USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 Remote Root Backdoor Vendor: Jinan USR IOT Technology Limited Product web page: https://www.pusr.com | https://www.usriot.com Affected version: 1.0.36 USR-G800V2, USR-G806, USR-G807, USR-G808 1.2.7 USR-LG220-L Summary:...
Online Restaurant Table Reservation System 1.0 SQL Injection
Exploit Title: Online Restaurant Table Reservation System v1.0 Exploit Author: segf0lt Date: April 20, 2022 Vendor Homepage: https://www.sourcecodester.com/php/15286/online-restaurant-table-reservation-system-phpoop-free-source-code.html Software Link:...
Pharmacy Management System 1.0 SQL Injection
Exploit Title: Pharmacy management system - 'email' SQL injection Date: 19/04/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15281/multi-language-pharmacy-management-system-project-source-code.html Version: 1.0...
Pharmacy Management System 1.0 Shell Upload
Exploit Title: Pharmacy management system - Remote Code Execution RCE Date: 19/04/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15281/multi-language-pharmacy-management-system-project-source-code.html Version:...
7-Zip 16 DLL Hijacking
Microsoft Windows Environment Variable Expansion Issue Leads To Remote DLL Hijack Attack vector: 7-ZIP v.16 7-ZIP v.16 and possibly other softwares that utilizes the HTML Help System are prone to a remote DLL hijacking issue which leads to arbitrary code execution. PoC attached. because the OS...
Backdoor.Win32.Loselove Denial Of Service
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/9a8150938bff3a17fa0169c3dc6dae85.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Loselove Vulnerability: Denial of Service Description: The malware listens on UDP por...
7-Zip 21.07 Code Execution / Privilege Escalation
Exploit Title: 7-zip - Code Execution / Local Privilege Escalation Exploit Author: Kagan Capar Date: 2020-04-12 Vendor homepage: https://www.7-zip.org/ Software link: https://www.7-zip.org/a/7z2107-x64.msi Version: 21.07 and all versions Tested On: Windows 10 Pro x64 References:...
Linux watch_queue Filter Out-Of-Bounds Write
Linux: watchqueue filter OOB write and other bugs This bug report is about things in the watchqueue subsystem, which is only enabled under CONFIGWATCHQUEUE. That seems to be disabled e.g. on Debian, but Ubuntu and Fedora enable it. The watchqueue subsystem has a bug that leads to out-of-bounds...
EaseUS Data Recovery 15.1.0.0 Unquoted Service Path
Exploit Title: EaseUS Data Recovery - 'ensserver.exe' Unquoted Service Path Discovery by: bios Discovery Date: 2022-18-04 Vendor Homepage: https://www.easeus.com/ Tested Version: 15.1.0.0 Vulnerability Type: Unquoted Service Path Tested on OS: Microsoft Windows 10 Pro x64 Step to discover Unquote...
PTPublisher 2.3.4 Unquoted Service Path
Exploit Title: PTPublisher v2.3.4 - Unquoted Service Path Discovery by: bios Discovery Date: 2022-18-04 Vendor Homepage: https://www.primera.com/ Tested Version: 2.3.4 Vulnerability Type: Unquoted Service Path Tested on OS: Microsoft Windows 10 Pro x64 Step to discover Unquoted Service Path:...
Backdoor.Win32.GateHell.21 Man-In-The-Middle
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/5aa81ddc996be64116754efac0e4f55dB.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.GateHell.21 Vulnerability: Port Bounce Scan Description: The malware runs an FTP...
WordPress Motopress Hotel Booking Lite 4.2.4 SQL Injection
Exploit Title: WordPress Plugin Motopress Hotel Booking Lite 4.2.4 - SQL Injection Date: 2022-04-11 Exploit Author: Mohsen Dehghani aka 0xProfessional Vendor Homepage: https://motopress.com/ Software Link: https://downloads.wordpress.org/plugin/motopress-hotel-booking-lite.4.2.4.zip Version: 4.2....
ManageEngine ADSelfService Plus 6.1 User Enumeration
Exploit Title: ManageEngine ADSelfService Plus 6.1 - User Enumeration Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.manageengine.com/ Software Link: https://www.manageengine.com/products/self-service-password/download.html Version: ADSelfService 6.1 Build 6121 Tested Against:...
HackTool.Win32.Delf.vs Insecure Credential Storage
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/92f7f9495ffd56d05a5acf395c9e0097.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HackTool.Win32.Delf.vs Vulnerability: Insecure Credential Storage Description: The malware credentia...
Backdoor.Win32.Delf.zn Insecure Credential Storage
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/9acdbfc9f7c1f6e589485b30aa91bfd2.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Delf.zn Vulnerability: Insecure Credential Storage Description: The default credentia...
WordPress Popup Maker 1.16.5 Cross Site Scripting
Exploit Title: WordPress Plugin Popup Maker Popup Settings Triggers Add New Cookie Add Cookie Time overwrite the default '1 month' with XSS payload Click 'Add' what triggers the XSS payload Payload examples: alert'XSS';...
Backdoor.Win32.Hupigon.haqj Unquoted Service Path
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/d9542df20f8df457747451dd9e16d1c0.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Hupigon.haqj Vulnerability: Insecure Service Path Description: The malware creates a...
Trojan.Win32.TScash.c Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/9d18d318e017b513b9c6cd193ccdc6ff.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.TScash.c Vulnerability: Insecure Permissions Description: The malware writes a PE file...
WordPress Videos Sync PDF 1.7.4 Cross Site Scripting
Exploit Title: WordPress Plugin Videos sync PDF 1.7.4 - Stored Cross Site Scripting XSS Google Dork: inurl:/wp-content/plugins/video-synchro-pdf/ Date: 2022-04-13 Exploit Author: UnD3sc0n0c1d0 Vendor Homepage: http://www.a-j-evolution.com/ Software Link:...
Backdoor.Win32.Psychward.03.a Weak Hardcoded Password
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/4b9a42ca1e65cf0a7febbe18f397ef24.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Psychward.03.a Vulnerability: Weak Hardcoded Password Description: The malware listen...
WordPress Elementor 3.6.2 Shell Upload
Exploit Title: WordPress Plugin Elementor 3.6.2 - Remote Code Execution RCE Authenticated Date: 04/16/2022 Exploit Author: AkuCyberSec https://github.com/AkuCyberSec Vendor Homepage: https://elementor.com/ Software Link: https://wordpress.org/plugins/elementor/advanced/ scroll down to select the...
Backdoor.Win32.GateHell.21 Authentication Bypass
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/5aa81ddc996be64116754efac0e4f55d.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.GateHell.21 Vulnerability: Authentication Bypass Description: The malware runs an FTP...
PKP Open Journals System 3.3 Cross Site Scripting
Exploit Title: PKP Open Journals System 3.3 - Cross-Site Scripting XSS Date: 31/01/2022 Exploit Author: Hemant Kashyap Vendor Homepage: https://github.com/pkp/pkp-lib/issues/7649 Version: PKP Open Journals System 2.4.8 = 3.3 Tested on: All OS CVE : CVE-2022-24181 References:...
Responsive Online Blog 1.0 SQL Injection
Exploit Title: Responsive Online Blog 1.0 - Blind Boolean-based SQLi Date: 2022-04-16 Exploit Author: Gideon Kamioka @w1ezl Vendor Homepage: https://www.sourcecodester.com/php/14194/responsive-online-blog-website-using-phpmysql.html Software Link:...
Scriptcase 9.7 Shell Upload
Exploit Title: Scriptcasr 9.7 arbitrary file upload getshell Date: 2022-04-08 Exploit Author: luckyt0mat0 Vendor Homepage: https://www.scriptcase.net/ Software Link: https://www.scriptcase.net/download/ Version: 9.7 Tested on: Windows Server 2019 Proof of Concept: POST...
Microsoft Exchange Active Directory Topology 15.0.847.40 Unquoted Service Path
Exploit Title: Microsoft Exchange Active Directory Topology 15.0.847.40 - 'Service MSExchangeADTopology' Unquoted Service Path Exploit Author: Antonio Cuomo arkantolo Exploit Date: 2022-04-11 Vendor : Microsoft Version : 15.0.847.40 Tested on OS: Microsoft Exchange Server 2013 SP1 PoC :...
Zyxel NWA-1100-NH Command Injection
Exploit Title: Zyxel NWA-1100-NH - Command Injection Date: 12/4/2022 Exploit Author: Ahmed Alroky Vendor Homepage: https://www.zyxel.com/homepage.shtml Version: ALL BEFORE 2.12 Tested on: Linux CVE : CVE-2021-4039 References :...
Fuel CMS 1.5.0 Cross Site Request Forgery
Exploit Title: Fuel CMS 1.5.0 - Cross-Site Request Forgery CSRF Google Dork: NA Date: 11/03/2022 Exploit Author: Ali J Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.5.0 Version: 1.5.0 Tested on: Windows 10 Steps to Reproduce:...
Microsoft Exchange Mailbox Assistants 15.0.847.40 Unquoted Service Path
Exploit Title: Microsoft Exchange Mailbox Assistants 15.0.847.40 - 'Service MSExchangeMailboxAssistants' Unquoted Service Path Exploit Author: Antonio Cuomo arkantolo Exploit Date: 2022-04-11 Vendor : Microsoft Version : 15.0.847.40 Tested on OS: Microsoft Exchange Server 2013 SP1 PoC :...
Backdoor.Win32.NetSpy.10 Remote Command Execution
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/45d413b46f1d14a45e8fd36921813d62.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.NetSpy.10 Vulnerability: Unauthenticated Remote Command Execution Description: The...
Backdoor.Win32.NetCat32.10 Remote Command Execution
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/dcf16aed5ad4e0058a6cfcc7593dd9e3.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.NetCat32.10 Vulnerability: Unauthenticated Remote Command Execution Description: The...
Backdoor.Win32.Psychward.03.a Weak Hardcoded Password
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/d069738f18957117367b8a79195a6a96.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Psychward.03.a Vulnerability: Weak Hardcoded Password Description: The malware listen...
Siemens A8000 CP-8050/CP-8031 SICAM WEB Missing File Download / Missing Authentication
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Missing Authentication at File Download & Denial of Service product: Siemens A8000 CP-8050/CP-8031 SICAM WEB vulnerable version: SICAM WEB Version 05.80 / Firmware Packag...
Backdoor.Win32.NinjaSpy.c Authentication Bypass
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/9f39606d9e19771af5acc6811ccf557f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.NinjaSpy.c Vulnerability: Authentication Bypass Description: The malware listens on T...
Backdoor.Win32.Prorat.cwx Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/2d81bf2c55c81778533b55fb444d4dc6.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Prorat.cwx Vulnerability: Insecure Permissions Description: The malware writes a ".EX...
Backdoor.Win32.MotivFTP.12 Authentication Bypass
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/91b2d216c5d26d9db4289acf68fa1743.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.MotivFTP.12 Vulnerability: Authentication Bypass Description: The malware listens on...
Microsoft HTTP Protocol Stack Denial Of Service
!/usr/bin/env python3 -- coding: utf-8 -- Exploit developed by the polakow from the past @ltdominikow This exploit was made for testing own networks and patch affected systems. I'm not responsible if you do another thing with this exploit. As a drunk wise man said: "Please, don't be a 'culiao'!"...
HackTool.Win32.IpcScan.c Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/8f44374d587eb1657d25da9628cb2b87.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HackTool.Win32.IpcScan.c Vulnerability: Local Stack Buffer Overflow Description: Loading a specially...
Backdoor.Win32.Kilo.016 Denial Of Service
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/9ede6951ea527f96a785c5e32b5079e6.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Kilo.016 Vulnerability: Denial of Service UDP Datagram Description: The malware liste...
Email-Worm.Win32.Pluto.b Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/60a7d5e2d446110d84ef65f6a37af0eb.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Email-Worm.Win32.Pluto.b Vulnerability: Insecure Permissions Description: The malware writes a dir a...
Delta Controls enteliTOUCH 3.40.3935 Cross Site Request Forgery
enteliTouch CSRF CSRF Add User: input type="hidden" name="Username" va...
REDCap Cross Site Scripting
Exploit Title: REDCap var target = document.location.host; var csrftoken = csrftoken; var userId = ''; // Replace with your user ID. function privesc var xhr = new XMLHttpRequest; xhr.open"POST", "https://" + target + "/index.php?route=ControlCenterController:saveNewAdminPriv", true;...
Delta Controls enteliTOUCH 3.40.3935 Cookie User Password Disclosure
Delta Controls enteliTOUCH 3.40.3935 Cookie User Password Disclosure Vendor: Delta Controls Inc. Product web page: https://www.deltacontrols.com Affected version: 3.40.3935 3.40.3706 3.33.4005 Summary: enteliTOUCH - Touchscreen Building Controller. Get instant access to the heart of your BAS. The...
Online Car Wash Booking System 1.0 Blind SQL Injection
Exploit Title: Online Car Wash Booking System 1.0 - Unauthenticated blind SQL Injection Exploit Author: segf0lt Date: April 14, 2022 Vendor Homepage: https://www.sourcecodester.com/php/15274/online-car-wash-booking-system-phpoop-free-source-code.html Software Link:...